-#============LICENSE_START========================================================
-# ================================================================================
-# Copyright (c) 2021 ZTE Corporation Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-#################################################################
-# Global configuration.
-#################################################################
-global:
- nodePortPrefixExt: 302
- msbProtocol: https
- msbServiceName: msb-iag
- msbPort: 443
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-image: onap/holmes/rule-management:11.0.0
-consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0
-
-#################################################################
-# AAF part
-#################################################################
-certInitializer:
- nameOverride: holmes-rule-mgmt-cert-initializer
- aafDeployFqi: deployer@people.osaaf.org
- aafDeployPass: demo123456!
- # aafDeployCredsExternalSecret: some secret
- fqdn: holmes-rule-mgmt
- fqi: holmes-rule-mgmt@holmes-rule-mgmt.onap.org
- fqi_namespace: org.onap.holmes-rule-mgmt
- public_fqdn: holmes-rule-mgmt.onap.org
- cadi_longitude: "0.0"
- cadi_latitude: "0.0"
- app_ns: org.osaaf.aaf
- credsPath: /opt/app/osaaf/local
- aaf_add_config: |
- echo "*** changing them into shell safe ones"
- export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
- export TRUSTSORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
- cd {{ .Values.credsPath }}
- keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \
- -storepass "${cadi_keystore_password_p12}" \
- -keystore {{ .Values.fqi_namespace }}.p12
- keytool -storepasswd -new "${TRUSTSORE_PASSWORD}" \
- -storepass "${cadi_truststore_password}" \
- -keystore {{ .Values.fqi_namespace }}.trust.jks
- echo "*** save the generated passwords"
- echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
- echo "TRUSTSORE_PASSWORD=${TRUSTSORE_PASSWORD}" >> mycreds.prop
- echo "*** change ownership of certificates to targeted user"
- chown -R 1000 .
-
-#################################################################
-# Secrets metaconfig
-#################################################################
-secrets:
-- uid: pg-user-creds
- type: basicAuth
- externalSecret: '{{ tpl (default "" .Values.config.pgConfig.dbUserCredsExternalSecret) . }}'
- login: '{{ .Values.config.pgConfig.dbUser }}'
- password: '{{ .Values.config.pgConfig.dbUserPassword }}'
-
-# application configuration
-config:
- logstashServiceName: log-ls
- logstashPort: 5044
- # Addresses of other ONAP entities
- address:
- consul:
- host: consul-server
- port: 8500
- pgConfig:
- dbName: defaultName
- dbHost: defaultHost
- dbPort: 1234
- dbUser: admin
- dbUserPassword: admin
- # dbUserCredsExternalSecret
-
-service:
- type: NodePort
- name: holmes-rule-mgmt
- ports:
- - name: https-rest
- port: &svc_port 9101
- nodePort: 92
- - name: https-ui
- port: 9104
- nodePort: 93
-
-# probe configuration parameters
-liveness:
- initialDelaySeconds: 10
- port: *svc_port
- periodSeconds: 10
- path: /api/holmes-rule-mgmt/v1/healthcheck
- enabled: true
- scheme: HTTPS
-
-readiness:
- initialDelaySeconds: 30
- port: *svc_port
- periodSeconds: 30
- path: /api/holmes-rule-mgmt/v1/healthcheck
- scheme: HTTPS
-
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 250m
- memory: 1024Mi
- requests:
- cpu: 250m
- memory: 256Mi
- large:
- limits:
- cpu: 500m
- memory: 2Gi
- requests:
- cpu: 500m
- memory: 512Mi
- unlimited: {}
-
-#Pods Service Account
-serviceAccount:
- nameOverride: holmes-rule-mgmt
- roles:
- - read